CVE-2016-8690
- EPSS 2.41%
- Veröffentlicht 15.02.2017 19:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted BMP image in an imginfo command.
CVE-2016-8691
- EPSS 2.17%
- Veröffentlicht 15.02.2017 19:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command.
CVE-2016-8692
- EPSS 2.17%
- Veröffentlicht 15.02.2017 19:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted YRsiz value in a BMP image to the imginfo command.
CVE-2016-8693
- EPSS 3.42%
- Veröffentlicht 15.02.2017 19:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command.
CVE-2013-7459
- EPSS 9.5%
- Veröffentlicht 15.02.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.
CVE-2016-4796
- EPSS 3.56%
- Veröffentlicht 03.02.2017 16:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file.
CVE-2016-4797
- EPSS 2.03%
- Veröffentlicht 03.02.2017 16:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (application crash) via a crafted jp2 file. NOTE: this issue exists because of an incorrect fix for ...
CVE-2016-8568
- EPSS 1.9%
- Veröffentlicht 03.02.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.
CVE-2016-8569
- EPSS 1.84%
- Veröffentlicht 03.02.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file.
CVE-2016-9085
- EPSS 0.43%
- Veröffentlicht 03.02.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors.